© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
Manish Mittal Technical Marketing, Cisco Systems
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
• Why Desktop Virtualization and Cisco VXI Vision
• The Fundamentals
• Cisco VXI User Experience and Collaboration – Creating the Virtual Workspace
• Cisco VXI End-End Security
• Scaling VXI
• Components involved in Cisco VXI
• VXI Collateral
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
May 20, 2010
Source: Enterprise Strategy Group, Dec., 2010 Source: Gartner HVD Forecast 2010-
2014, December 2010
Source: Morgan Stanley CIO Survey,
Jan 2010 & 2011
Which are important IT initiatives for your
organization for the next 12–24 months?
Desktop Virtualization
Private Cloud
Data Center Consolidation
Data Center Migration
Automating IT—Server Virtualization
23%
24%
25%
31%
36%
HVD Forecast in Millions
0
20
40
60
80
2011 2012 2013 2014 44%
53%
63%
Percent of Respondents w/ VDI Projects Planned
January 2010
January 2009
January 2011
A broad deployment enabled by the next generation virtual workspace
Global hosted virtual desktop (HVD) market will accelerate through 2014
• 70 million units or 15% of Enterprise desktops/laptops*
In 2011 47% of Enterprises initiated Desktop Virtualization projects
• Only 3% desktop penetration*
7 Billion new wireless devices by 2015
* Gartner Group
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
User End
point and
Application
Demands
Lost Agility
& Productivity
Data
Security
Compliance
High TCO and
Lifecycle Costs
Heavy
Administration
Microsoft Windows 7 Migration Reduce migration costs
Reduce application incompatibility
Extend life of existing desktop software
Contractors and Employee-Owned IT Manage desktop image on
employee-owned assets
Provide separation between
corporate and personal desktops
Business Continuity
Endpoint Independence
Rapid Provisioning
Remote and Mobile Users Enable desktop access regardless of
network connection type
Extend security and control
Centrally control sensitive data
Challenges of Traditional PC Environment Purchase Drivers
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
New Virtual Workspace that Unifies Voice, Video, Virtual Desktops
TCO / ROI
Security
Rich Media
System Integration
Collaboration
Borderless
Networks
Data Center
Virtualization
Virtual Workspace
Virtual Workspace
App
Data
Media
Device
Partner Ecosystem
Location
Cisco
VXI
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
PC Centric
Phone Centric
Video Centric
Next Generation Virtual Workspace
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Hypervisor
Virtualized End-to-End Solution
MS Office
Virtualized Data Center
ACE Unified
CM
Quad
ASA Nexus
1000v
Virtual Security Gateway
WAAS
Cisco Collaboration Applications
Compute
UCS
AnyConnect
= Cisco Products
Virtualized
Collaborative Workspace
Cisco VXC 6215
Thin Client
Cisco Virtualization Experience Clients
Cius Business
Tablet
Cisco VXC 4000
PC Client
Cisco VXC
22xx &
21xx Zero
Client
AnyConnect
WAAS
Virtualization-Aware
Borderless Network
Routing PoE
Switching
SiSi
Cisco®
Identity
Services
Engine
End-to-End Management and Optimization
Desktop Virtualization Software
Storage
Applications/Desktop OS
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
• Uncompromised User Experience
Unique new Cisco Virtualization Experience Client (VXC) endpoints
Cisco WAAS for Citrix HDX including ICA protocols
• IT Simplification
Cisco Identity Service Engine for VXI
Cisco Unified Computing Server and
Cisco Unified Fabric Momentum for VXI
• Deployment with Confidence
New VXI Cisco Validated Designs for Citrix and VMware
New VXI Allied Service Support
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Guest Workers
• Rich PC
experience
• Instant resets
• Standard
application set
• University
computer lab
• Training center
Office Workers
• Rich PC
experience
• Personal
• Diverse
applications
and users
• Finance
• Operations
• Marketing
• Administration
Remote Workers
• Secured access
and control
• Location and
device flexibility
• Diverse
applications and
users
• Offshore workers
• Outsourcers,
contractors
• Branch offices
• Teleworkers
Mobile Workers
• Offline access
• Secure
• Diverse
applications and
users
• Sales
• Executives
• Field service
Task Workers
• Simple
• Locked down
• Limited
application
• Factory worker
• Retail clerk
• Bank teller
• Credit card
call center
Benefits
Knowledge Workers
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10 Cisco Confidential © 2011 Cisco and/or its affiliates. All rights reserved. 10
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Where is computation happening? A
pplic
ation
O
S D
eskto
p
Virtual Desktop Streaming Hosted Virtual Desktop
Application Streaming Hosted Virtual Application
Client-Based Computing Server-Based Computing
Synchronized Desktop
Apps
WinXP
Display Protocol
WinXP
Used VMware Hypervisor as an example. Could use any flavor of Hypervisor
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Connect to Connection Broker
1
Thin Client
Thick Client
Smartphone/iPad
Identify
target
VM
2 Start
target
VM
4 Query for
user policy 3
Display Protocol
Authentication
Connection Broker
Active Directory
Virtual
Infrastructure
Management
5 Return
VM to
endpoint
Virtual Infrastructure
Connect
VM to
endpoint
6 7 Successful
connection
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
• Latest release: XenDestion 5.5 – Improved HDX for WAN, better
management
• HDX MediaStream and Adaptive Orchestration
• Leverage client-side resources
• Better server scalability
• More simultaneous users over WAN (Controlling Bandwidth
Explosion)
• Handle changing network conditions
• HDX Flash Redirection
• Now can handle 300 ms RTL
• Linux now supported
• Fallback to Server-side rendering adaptively
• HDX VoIP-Over-ICA
• Inline with Cisco VXI approach of separating media
• SDKs for VOIP providers
• Multi-Stream ICA
• Larger Audio Jitter buffers
• Basic Characteristics
• 64 Virtual Channels
• TCP based protocol
• Encryption/Compression
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Benefits Description
• New optimization controls to reduce bandwidth
• Client Side Caching
• Lossless CODEC
• Build to Lossless GPO
• Customize to reduce bandwidth usage on both
the LAN and WAN
• Optimization Controls available in GPO
• Up to 75% reduction in bandwidth usage
• Improve scalability on WAN links
• Increase user density on WAN
• Configure by user case, user expectation and network
requirements
Power User
• Build to lossless (default)
• Direct CPU/GPU to endpoint mapping
• Superior image quality
Office Worker
• Dynamic network management
• Correct codec for each media type
• Best image quality on available network bandwidth
Task Worker
• Disable build to lossless
• Client side caching
• Best performance on constrained WAN
View
5.0
All use cases = UDP, Secure, future proof, OS & application
independent, session resilience
WIN7 Aero
& Win 8
Metro
Interfaces
All
video
codecs
Network
latency
independent
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15 Cisco Confidential © 2011 Cisco and/or its affiliates. All rights reserved. 15
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Today’s Workspace • Multiple devices for Desktop, Display, Collaboration
• Multiple wires for Data and Power
• Multiple Applications and versions on each desktop
• End-user tied to endpoint for work
• Multiple data flows to manage from each Workspace – Telephony, Video, HTTP, SMTP, IMAP, CIFS, Custom, etc.
VXI Virtual Workspace Vision
• Single endpoint minimum wiring and data flows
• Integrated Virtual Desktop and Collaboration
• Secure Workspace flexibility and mobility
What is Needed
• Cisco VXC endpoints
• Network access capable of providing power and Data to the workspace
• Desktop Virtualization System that integrates business class collaboration capabilities and Virtualization aware network
Data and Power
Wall Plug
Campus
Data and Power
DC or
Campus
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
• Unusable experience
Hairpin effect
• Increased cost and resource utilization
Bandwidth explosion
Heavy virtual machine processing in data center
Virtual Desktop
Virtual Desktop
Media manager
WAN
Thin Client
Display Protocol
Thin Client Display Protocol
Media Flow
Media Flow
Data Center
Signalling
Signalling
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
End User
VXC 6215
Signalling
Signalling
Data Center
VM
VM VM VM
VM VM VM VM Connection
Broker
Desktop Virtualization S/W VMWare/Citrix
Hypervisor VMWare/Citrix
Desktop O/S
App App Data
VXC 4000
Media Flow outside of Display Protocol
• Software Appliance
on XP and Windows
7
• Voice Support only
• Enables VXI
Collaboration for
refurbished PCs
• Video & Voice
Support
• Linux based endpoint
• Monitors
Single:2560x1600
Dual:1920x1200
• No PoE
Unified
CM and
Unified
Presence
Server
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Zero Clients Zero Clients Software
Appliance
Thin Client Enterprise Tablet
VXC 2100 Series
VXC 2200
Series
VXC 4000 VXC 6215 Cisco Cius
Shipping Shipping
Available
Q4 CY11
Available
Q4 2011/
Q1 2012
Shipping
VXC on VTG CEC page http://wwwin.cisco.com/voice/products/vxc/index.shtml#tab=0
New Client Additions in v2.5
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Campus Workers (office professional, variety of apps, personalization, rich media)
• VXC 6215 (thin client)
Mobile Workers (mobile desktop access, variety of apps, personalization, rich media)
• CIUS (tablet)
Task Workers (basic productivity apps)
• VXC 2000 (zero client)
Remote Workers (wide variety)
• CIUS (tablet)
• VXC 2000 (zero client)
• VXC 6215 (thin client)
VXC 4000
(PC software)
enables
Windows PCs
for
Contractors,
Work-at-home
employees,
BYOD use
cases
*Not all
Users are
VDI Users
(i.e. High
Compute)
Use Wyse
to fill gaps
in Portfolio
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
VXC 2100 Series VXC 2200 Series VXC 4000* VXC 6215* Cisco Cius
Form Factor ―Backpack‖ Integrated ―Tower‖
Standalone PC Software
―Tower‖ Standalone
Enterprise Tablet
Availability Shipping Shipping Q4 2011 Q4 2011/Q1 2012 Shipping
Platform Zero Client Zero Client Win7, XP Linux Android (x86)
HVD Protocol Support
2111 – PCoIP 2112 – HDX,RDP
2211 – PCoIP 2212 – HDX,RDP
Citrix XenDesktop, VMware View
HDX Citrix XenDesktop,
VMware View
UC Protocol Support (add on)
N/A N/A Software Appliance HDX, RDP (Q4CY11)
PCoIP (Q1CY12) N/A
UC Client Support*
CUPC, Connect CUPC, Connect CUPC, CUCILync CUPC, CUCILync Native
Voice IP Phone 8961, 9951,
9971 N/A, can be used
with IP Phone Yes Yes Yes
Video IP Phone 9971, 9951
N/A, can be used with IP Video
Phone No Yes Yes
Monitor Support Single or Dual,
1920x1200 Single or Dual,
1920x1200 Varies based on underlying HW
Single:2560x1600 Dual:1920x1200
Single Mirror, 1024x600 (on the
roadmap for dual
monitor support)
PoE PoE PoE N/A No PoE
Encoding & Decoding
Via IP Phone Via IP Phone Audio only. Video on the roadmap.
Standard Video HD Capable*
HD Capable (720p)
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
• VXC 21xx series innovative form factor integrates w/ IP phone that
reduces real estate and simplifies management
• Power over Ethernet (POE) with support for EnergyWise delivering
energy savings and compliance to green initiatives
• Thin Client endpoint that unifies voice, video and virtual desktop
• Software appliance option that leverages existing PC investments
• Mobile endpoint w/ voice, video and virtual desktop in a unique
centrally managed enterprise tablet
• Cisco Validated Designs (CVD) that provide blueprints for
successful deployments and lower TCO
• Cisco Technical Assistance Center (TAC) Allied Solution Support
for end to end solution
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
End-users see pixelization and bad UE without WAN Optimization/Acceleration
T1
Increasing bandwidth might not help
Video processed on HVD causing bandwidth and server compute overload
End-users experience no pixelization on LAN
Branch Router
Branch Office
Data Center
Video Source
Campus
• Hairpinning
•WAN’s effects on Users Experience
• Display Protocol Opaque to the Network
Routing Protocol
Display Protocol Video
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Transparent insertion into
encrypted ICA/CGP
communication.
WAAS applies TCP flow optimization to
maximize bandwidth usage and
mitigate packet loss.
WAAS delivers multi-user Context-Aware
Data Redundancy that removes redundant
data from across all end user connections.
WAAS applies an inline
compression algorithm over the
optimized data, maximizing savings
Operational Flow
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Rich Media
Virtual Desktops
USB / Disk
Redirection
Data Center
Bi-Directional Cache
Extra Free Space! CAPACITY
Core Desktop
Virtualization
Branch
Bi- and Uni-Directional Caches
Free Space CAPACITY
Save and Expand Caching
Area
Performance Fairness for All
Branches
Increased bandwidth savings through better compression
Directional data understanding allows for best performance
Citrix-Aware Data Redundancy Elimination
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Cisco WAAS offers WAN Performance at Scale for Citrix XenDesktop
Before
Cisco
WAAS
After
Cisco
WAAS
0
10
20
30
40
50
60
Seco
nd
s (
s)
70%
faster
Up to 70% Faster
Response Time
80ms T1
WAN
80ms T1 WAN + WAAS
0
20
40
60
80
100
120
140
60%
Savings
2X+
Users K
bp
s
Bandwidth Consumption
Up to 3X More Users
80ms T1
WAN
80ms T1 WAN + WAAS
0
5
10
15
20
25
30
Fra
me p
er
seco
nd
HD Quality
Pixelated
Choppy
Out of Sync
Video Quality
HD Quality User Experience
LAN 80ms T1 WAN
80ms T1 WAN + WAAS
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Typical Non-Virtual
Workspace
Cisco VXI Virtual Workspace
Data/
PoE/PoE+
Wall Plug
Power Adapters
Cisco
UPOE
Data
Cisco
UPOE
Today’s Workspace with PoE+
Multiple Power Management Points
Cabling Overhead
Desktop Clutter
High Availability only for phone
Obsolete equipment management
High TCO
VXI Workspace with UPoE
Integrated Display Client
High availability (Power Backup)
Minimize workspace clutter
Power Efficiency/Management
EnergyWise Management
Low TCO
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Cisco UCM
Data Center End User Workspace
Network Printer
Locally Attached Printer
Cisco Unified
Communications
Endpoint
(SCCP, SIP, RTP, SRTP)
Virtual Desktop Display
Protocols
(ICA, RDP, PCoIP)
Network Print Traffic
Desktop Display Protocol (ICA, PCoIP, RDP)
Telephony Signaling (SCCP, SIP)
Telephony Media (RTP, sRTP)
VMWare/Citrix
Cisco UCS with
Virtual Desktops
Cisco UCS with
Service VMs
(like print server)
Protocol TCP/UDP Port DSCP/CoS Value RDP 7 TCP 3389 DSCP af21 and CoS2
ICA TCP 1494 DSCP af21 and CoS 2
PC over IP (PCoIP) TCP & UDP 4172 DSCP af21 and CoS 2
SCCP TCP 2000 DSCP cs3 and CoS 3
SIP TCP 5060 DSCP cs3 and CoS 3
CTI TCP 2748 DSCP cs3 and CoS 3
Media (RTP,
sRTP) UDP 16384 to
32767 DSCP ef (audio only), DSCP
af41 (audio/video) and CoS 5
•Local DC flows (Storage, Hypervisor
management, etc) not shown
•QoS models for latest endpoints use
TRP or Flow based classification.
Details coming soon.
Campus or WAN Network
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29 Cisco Confidential © 2011 Cisco and/or its affiliates. All rights reserved. 29
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
• Enterprises expect security policy compliance. Compliance is typically achieved by using technologies such as 802 1.x based machine and user authentication, IPSec/SSL VPNs, Smartcards, 2 factor authentication, certificate based authentication
• Moving to desktop virtualization creates an access layer in the data center that needs to be secured similar to the Campus access
• To enable BYOD in highly flexible hybrid deployments, device profiling, access restrictions and versatile remote access solutions are required
• Antivirus solutions for VDI environment are required without impacting TCO
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
PHONE SSL VPN TUNNEL
VXI SSL VPN TUNNEL
Cisco ASA
ISR 891
VXC 21XX
UC Control
Media Flow
VXI Traffic
CVO IPSec Tunnel
UCM
VXI DC Campus
Internet Cisco IP Phone VXC VPN
• Cisco IP Phone VXC VPN
Supported with 89xx and 99xx phones with Phone load 9.2.3 and CUCM 9.0
Requires ASA to terminate two tunnels
Two SSL VPN licenses consumed on the ASA
Unified communication traffic prioritized over VXI traffic
Computer port on the phone protected by VXI ACL and MAC address authentication
VXC 2200 endpoints will work but are not officially supported
Campus
Workspace
• Cisco Virtual Office
VXI ACLs to allow only Display traffic
VXC 2112, 2212, 4000, 6215 supported using 802.1x, MAB and Auth Proxy
Ports with VXI ACL opened for VXC 2111 and 2211
WiFi support for mobile endpoints
VXC 22XX
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
• Anyconnect has the largest footprint of supported devices
Thick endpoints: Windows, Mac and Linux
Apple iOS 4 - Including iPhone
Cisco VXC endpoints not supported today
iPad and CIUS support Anyconnect 2.5 only
• Always On or On-Demand VPN
• Auto Re-Connect (Persistence)
• Built-In Digital Cert Support
• Optimal Gateway Selection
• Support for VDI Applications/ Receiver Support
VXC 4000
VXC 6215
VXC 22xx VXC 21xx CIUS
iPad
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
• AnyConnect on Mobile Client allows secure remote connections to corporate network and Virtual Desktops
• Split tunneling and ScanSafe allow secure remote access to Internet from local browser on the endpoint or from within Virtual Desktop
• Web traffic is inspected by WSA at HQ or in the ScanSafe Cloud
• VXI traffic is forwarded to the DataCenter
• Remote HVD access using Cisco VPN technology allows access to both VXI and non-VXI applications while still using a single, and in most cases existing, infrastructure.
Internet
Cisco ASA
Split Tunnel
Inside network
192.168.225.0 Mobile Consultant
SSL VPN Client
Tunnel IP
192.168.11.1 192.168.11.0 Outside
172.21.61.125
Internet
Internet Traffic
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
• VXI service only • Internet only • Full access
Differentiated Access
Controlled Access
Broker
Campus
Internet
• Policy Based Device/User Network Access
Enable differentiated network access to Device/User type
Utilize existing network access control infrastructure
Allow controlled access only to VXI infrastructure for Employee owned assets, Temporary workers etc.
• Policy Based DC resource access from HVD
Common VDI infrastructure for different user groups for cost and flexibility reasons
Controlled access to sensitive resources in Data Center
Using Security Group Access
Goal: Extend existing SGA based access control to VDI (SMB)
Using Virtual Switch and Virtual Firewall
Goal: Provide access level security closest to HVD (including east-west traffic Control)
Open to separate policy management using virtual firewalls
Central Policy Engine
Data Center Network
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
• Nexus 1000v provides Access Security in virtualized Data Center
DHCP Snooping
Dynamic ARP Inspection
IP Source Guard
• Virtual Ethernet Module (VEM) and Virtual Supervisor Module (VSM) together create highly scalable switching fabric
Networking capabilities at the hypervisor level
L2 switching, CDP, Netflow, ACLs, QoS, SNMP, etc
Mgmt, monitoring and config of VEM instances
Server Zones
HVD Zones
Commercial Banker
Network
Trader at Desk
Client
Records
Cisco AnyConnect
ASA
Public Internet
Interest Rates
Portal
Trading
Tools
Business Loan
Application
Virtual Security Gateway
(VSG)
IT Admin Executives Commercial
Banker Trader
Nexus 1000v
IT Admin
VM context aware rules Context
aware
Establish zones of trust Zone based
Controls
Policies follow vMotion Dynamic,
Agile Efficient, Fast, Scale-out
SW Best-in-class
Architecture
VSG
Security team manages security
Non-
Disruptive
Operations
Central mgmt, scalable
deployment, multi-tenancy Policy Based
XML API, security profiles Designed for
Automation
VNMC
Supported with Vmware vSphere only
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
• Virus scan is an essential component of Virtual desktop environments
• VXI offers choices from an ecosystem of validated AV solutions optimized for Desktop Virtualization
• Traditional AV software, even when optimized, impact HVD densities and hence the TCO
• Trend Micro Anti-Virus solution has been added to VXI Phase 2.5 along with McAfee MOVE-AV 1.5
• Storage IOPS requirements and Login/Boot/AV Storms should be considered in the design apart from HVD density impact
• Licensing and Support directly from AV vendor
Workload Profile AV Scan Policy HVD Density
KW only N/A 110/110
KW with MoveAV 1.5 Default 90/90
18% impact on HVD Density
XenDesktop 5/ ESXi 4.1 , Win 7 32b/1.5G/20G Optimizations done based on Citrix/VMware recommendations
Workload Profile AV Scan Policy HVD Density
KW only N/A 110/110
KW with MoveAV 1.5 Default 90/90
18% impact on HVD Density
View 4.5/ ESXi 4.1 , Win 7 32b/1.5G/20G Optimizations done based on Citrix/VMware recommendations
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37 Cisco Confidential © 2011 Cisco and/or its affiliates. All rights reserved. 37
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
Applications /Desktop OS
MS Office
Increase HVD Density by Optimizing
Hypervisor Resource Usage
ACE Unified
CM
Quad
ASA
Nexus
1000v
Virtual Security Gateway
WAAS
Cisco Collaboration Applications
Hypervisor
Desktop Virtualization Software
Storage
Compute
UCS
Objective: Maximize User Density and Improve ROI by Scaling the Data Center
Strategies
Increase HVD Density with Cisco UCS
Extended Memory; preserve user
experience with PCoIP Offload
Extend Investment in Shared Storage with
Caching Technologies to Reduce IOPS
Increase availability and load-balance
connection brokers with Cisco ACE
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
Increase performance and capacity for demanding virtualization workloads
Xeon 5600 Xeon 5600
Cisco UCS With
Extended Memory
48 DIMMs
Max 384GB
Higher Performance
= > Cisco UCS Servers
Higher HVD
Density
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
Offloads PCoIP image processing to reduce CPU load, enable more users per server
APEX 2800 PCoIP Offload Card
• Insures consistent, reliable user
experience regardless of server
demand
• Reduces server CPU utilization up
to 50%; adapts to fluctuating
workloads
• Supports up to 64 displays
• Validated with Cisco UCS C Series
Rack Mount Servers
• Offload card plugs directly into
server
• Can increase user density, enable
existing users to run intensive apps
Cisco UCS C Series
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
Halting Idle Millisecond
Penalty (HIMP)
Memory Reclamation
Memory Ballooning
• vSphere 5.0 adjusts default settings for
advanced, hard-to-change parameters that
impact HVD density and throughput
• Now optimized for hosting dense HVD
workloads
• Cisco VXI validating the impact of these
changes on desktop density with UCS.
• Dynamically distributes memory across
multiple VMs
• Memory can be reallocated automatically
on running VMs (no power off)
• Responds to changes in workload or
application
• Increased memory efficiency intended to
support more VMs per server
VMware vSphere 5.0 Microsoft Hyper-V R2 FP1
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
SAN/NAS
Storage
1/10Gbe Fiber Channel Hypervisor
DATA Hypervisor
Hypervisor
Hypervisor
APP OS
• Read and write caching reduces shared
storage requirements; real-time inline de-
duplication of IO traffic increases desktop
performance; accelerates performance by
moving virtual desktop disk to local memory
• Can be deployed on each server (as
shown) or top-of-rack
Atlantis ILIO
NAS
VM
VM VM VM
VM VM VM VM
Citrix XenDesktop
Citrix XenServer
Desktop O/S
Master Image
Thin copy
locally cached
Citrix Intellicache
• Caches non-persistent files on local
disk; VMs deployed as thin copies of
master image; cached locally on host
• No-charge feature embedded in Citrix
XenServer; also requires XenDesktop
with Machine Creation Services
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
Bandwidth Optimization
vWAAS vWAAS
WAE
Nexus
1000v VSM
vPATH
WAAS
vCM
FC
SAN
• Cisco WAAS delivers advanced compression
and application optimization
• In-path, off-path, VM-based deployment options
• Cisco vWAAS provides VM-based optimization
with mobility awareness
• On-demand deployment with minimal
configuration
Load Balancing
Cisco ACE
Mobile
Teleworker
Connection Brokers
Thick
client
Thin Client
Endpoint
(LAN user)
• Minimizes impact of logon storms
• Offloads SSL processing from connection
brokers
• One-armed mode suggested when not
using SSL offload
• Supports virtual contexts
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44 Cisco Confidential © 2011 Cisco and/or its affiliates. All rights reserved. 44
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
VX
I V
alid
atio
n S
erv
ice
VX
I A
S
VXI Endpoints portfolio • Cisco VXC 21xx and 22xx • Cisco Cius
• Cisco VXC 4000
• Cisco VXC 6215 • Cisco VXCM
UC Applications CUPC 8.5,
CUCM 8.6,
CUCILYNC, CUCIMOC
Webex Connect 7.1
CUCI-Connect 8.5
Quad
Collaboration
Data Center Compute UCS B250 M2,
UCS B210 M2
UCS B230 M2,
UCS C250, C210
Data Center Network Nexus 7000,
Nexus 5000,
Nexus 2000,
Nexus 1000v
VSG,
ACE
Data Center
Virtualization
Cisco Network
WAAS 4.5.1,
vWAAS,
Cat 3K, Cat 4K, Cat 6K
UPoE
ISR G2
ISE 1.0
SmartCards
DMVPN
Borderless
Networks
Network Security
Storage EMC VNX
NetApp FAS 3270
Optimization Atlantis Ilio
Citrix IntelliCache
Mcafee MOVE-AV 2.0
Trend Micro AV 7.5
VXI
Technology
Parnters
Hypervisor Citrix XenServer 5.6, 6.0
VMware vSphere 5.0
Microsoft Hyper-V R2 FP1
Desktop Virtualization Citrix XenDesktop 4, 5, 5.5
Vmware View 4.6 and 5.0
XenApp 6 and 6.5
Profile/Image Mgmt
AppSense
UniDesk
StratusSphere (LiquidWare)
Anyconnect 3.0
VXC VPN
ASA
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Collateral Description
Design Guides
Provides Best Practices for deploying an end to end Cisco VXI
System. Spans Datacenter, Borderless Networks and Collaboration
Architectures and includes Performance and Capacity Planning
At A Glance Two page overview of Cisco VXI System including business
opportunity, value proposition and solution components
Reference Architecture Describes Cisco VXI System architecture and includes functional
components
Configuration Guide
Includes Architectural Diagram of Cisco VXI system including
Hardware and Software components tested and configuration files of
the System
Release Notes Summary of open defects found during test, including workarounds
White Papers Various updates for specific solutions.
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
Cisco Validated Designs, validated through System Level Testing, enable customers to:
• Lower risk of deploying technology solutions
• Increase speed of technology solution deployment
• Deploy a scalable, reliable, predictable foundation
• Ease technology solution integration
• Ease deployment of business critical applications
• Utilize Cisco Advanced Services to customize a CVD to meet specific requirements
Detailed system design and/or implementation guidance are available to provide:
• Customer use examples
• Products, Software and Configurations used in design testing
• Design limitations uncovered during testing
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
• Other tools to consider:
Citrix: http://flexcast.citrix.com/analyzeandcompare.html
Vmware: http://roitco.vmware.com/vmw/
https://express.salire.com/SignIn.aspx?t=Cisco VXI TCO Calculator
• Designed to demonstrate the financial benefits of desktop virtualization compared to existing PC infrastructure
• Using an interactive financial analysis model to create custom business case and executive summary presentation for the customer
The TCO model includes:
• CAPEX: endpoints, servers, storage network ports, broker and hypervisor costs
• OPEX: desktop support, power &
cooling, Microsoft VDA
• Ability to compare to HP or Dell
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49